From: Andy Green <andy@warmcat.com>
Date: Sun, 10 Sep 2017 00:00:27 +0000 (+0800)
Subject: openssl wrapper: introduce SSL_get0_param
X-Git-Tag: v3.1-dev~46^2~2
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0f02a3826222509e3598c74c894a9336da23cae5;p=esp-idf

openssl wrapper: introduce SSL_get0_param

This adds the standard OpenSSL api to get a pointer to the SSL struct's
X509_VERIFY_PARAM.  We need this for the OpenSSL api to set the peer
hostname introduced in the next patch.

Part of https://github.com/espressif/esp-idf/pull/980
---

diff --git a/components/openssl/include/openssl/ssl.h b/components/openssl/include/openssl/ssl.h
index 4af037af6a..87a67fc06f 100755
--- a/components/openssl/include/openssl/ssl.h
+++ b/components/openssl/include/openssl/ssl.h
@@ -1523,6 +1523,15 @@ long SSL_get_timeout(const SSL *ssl);
  */
 int SSL_get_verify_mode(const SSL *ssl);
 
+/**
+ * @brief get SSL verify parameters
+ *
+ * @param ssl - SSL point
+ *
+ * @return verify parameters
+ */
+X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl);
+
 /**
  * @brief get SSL write only IO handle
  *
diff --git a/components/openssl/library/ssl_x509.c b/components/openssl/library/ssl_x509.c
index ef0503c053..bd811e0a92 100644
--- a/components/openssl/library/ssl_x509.c
+++ b/components/openssl/library/ssl_x509.c
@@ -117,6 +117,15 @@ failed1:
     return NULL;
 }
 
+/**
+ * @brief return SSL X509 verify parameters
+ */
+
+X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl)
+{
+    return &ssl->param;
+}
+
 /**
  * @brief set SSL context client CA certification
  */